Infected File Paths Are Not Correct
Symptom 1: File path on Threat Indicators Dashboard is shown as /cvlostandfound/blkuuidOfDevice
Cause: The device cannot be located in the root file system and the device is a raw disk, so the file path on the Threat Indicators Dashboard is shown as /cvlostandfound/blkuuidofDevice.
Resolution: Add the device to /etc/fstab with device UUID.
Symptom 2: File path on Threat Indicators Dashboard is shown as /cvlostandfound/vgname-lvname
Cause: A device cannot be located in the root file system and the device is a logical volume, so the file path on the Threat Indicators Dashboard is shown as /cvlostandfound/vgname-lvname directory.
Resolution: Add the device to /etc/fstab with logical volume name.
Need to Test Threat Analysis for Virtual Server Agent and File System
Resolution: To test threat analysis for virtual server agent and file system, download the following files from the European Institute for Computer Anti-Virus Research (EICAR):
-
eicar.com
-
eicar_com.zip
-
eicarcom2.zip
Note
Do not rename .txt files to .exe or .com. The system will not detect them. You must use the eicar.com and eicar.exe files.